garyLittle
asked on
Followup question about VB.NETs weakness when it somes to protecting the algorithms of the primary code structure
This is a followup question concerning need for "obfuscation" of the code because someone can 'easily' get into and look at the primary code algorithms.
My application deals with highly classified encryption of data and if VB.NET opens up to the whole world what the algorithm is then there is a great problem.
This seems like a VERY GREAT WEAKNESS. I remember now that a few years ago I had decided that this problem was so serious that it kept me from converting to VB.NET. I thought by now that MS would have done something to fix it. Apprently not.
Has anyone run into this problem and does anyone have some sort of solution.
Gary
My application deals with highly classified encryption of data and if VB.NET opens up to the whole world what the algorithm is then there is a great problem.
This seems like a VERY GREAT WEAKNESS. I remember now that a few years ago I had decided that this problem was so serious that it kept me from converting to VB.NET. I thought by now that MS would have done something to fix it. Apprently not.
Has anyone run into this problem and does anyone have some sort of solution.
Gary
ASKER
Thank you for your information. I have looked at the references and learned from them.
HOWEVER, the question was not about encryption algorithms, I have already done that.
The purpose of my request for information is how do I get around the apparent weakness of
VB.NET with respect to it providing an easy way for others to view the internal methods and
procedures. Is there a way to "obfuscate"? Are there products to do that?
Thanks
HOWEVER, the question was not about encryption algorithms, I have already done that.
The purpose of my request for information is how do I get around the apparent weakness of
VB.NET with respect to it providing an easy way for others to view the internal methods and
procedures. Is there a way to "obfuscate"? Are there products to do that?
Thanks
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
I'm not sure where you get the idea that exposing an encryption algorithm is a weakness. The best encryption algortihms are the one's that have been extensively studdied and proven to have no obvious weaknesses. The only thing that needs to be secure is the encryption key. This a well-known principle - http://en.wikipedia.org/wiki/Kerckhoffs'_principle. Trying to keep you encryption algorithm secret is what Bruce Schneier calls Security Through Obscurity - http://www.schneier.com/crypto-gram-0205.html#1. The principle is that the fewer secrets you have the better your security.
If you are using .NET then you have access to some very secure algorithms in the System.Security.Cryptograp
Regards
Kelvin